IOC Radar
IP · Medium · Signal 40/100

152.32.132.190

Location: Hong Kong (Hong Kong, Kowloon)
ASN: AS135377, Ucloud Information Technology (hk) Limited
First Seen: Mar 12, 2025 (461d ago)
Last Seen: Jun 5, 2026 (11d ago)
Reports: 12 source reports
Confidence: 40% (medium)
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category: Network Activity
Confidence: 40%
Signal Score: 40 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

49 techniques

Network Information

Country: HK (Hong Kong)
Region: Hong Kong, Kowloon
ASN: AS135377
Organization: Ucloud Information Technology (hk) Limited

IP Category

Proxy
Proxy server

Feed Intelligence Summary

Source reports: 12
Confidence score: 40%
Category tags
abuse, active scan, active scanning, adbhoney honeypot, asia, attack, authentication failure, bad reputation, bad web bot, blocklist, botnet, botnet activity, brute force, brute force attack, brute-force, command and control, communication protocol, cowrie honeypot, cowrie login attempts, credential access, credential harvesting, credential stuffing, data exfiltration, data store exposure, database security, ddos, ddos attack, decoy system, denial of service, dionaea honeypot, dionaea malware collection, distributed attacks, encryption, exploit kit activity, exploitation activity, exploited host, ftp brute force, hacking, hk, hong kong, https proxy, identity & access exploitation, injection activity, mailoney honeypot, malicious activity, malicious payload attempt, malicious software, malware, malware behaviour, malware capture, malware landing, network, network enumeration, network reconnaissance, network scanning, network security, north america, password attack, password attacks, phishing, phishing attack, phishing trap, process injection, proxy, ransomware, reconnaissance, redis exploitation attempts, redis honeypot, researched, resource hijacking, scanner, self-signed, sentrypeer botnet, sftp attack, sftp attempt, sip brute force, social engineering, spam, ssh attack, ssh monitoring, ssl, t1016, t1016.001, t1021, t1021.001, t1021.002, t1021.004, t1021.006, t1040, t1041, t1046, t1055, t1059, t1059.004, t1068, t1071, t1071.001, t1078, t1078.001, t1078.002, t1078.003, t1078.004, t1110, t1110.001, t1110.002, t1110.003, t1110.004, t1133, t1189, t1190, t1203, t1204.002, t1210, t1486, t1496, t1499.001, t1499.002, t1499.003, t1565, t1566.001, t1566.002, t1566.003, t1566.004, t1588, t1588.002, t1588.004, t1595, t1595.001, t1595.002, t1595.003, tanner, tanner exploitation, targeting database, telecommunications, threat actor, threat intelligence, tor node, unauthorized login, united states, voip, voip attack, web app attack, web application attack, web exploitation, web spam

Activity Timeline

1 total obs
Jun 5

Threat Activity Heatmap

Peak: 2026-06-05
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 40
Confidence: 40%
Reports: 12
First seen: Mar 12, 2025
Last seen: Jun 5, 2026
Geolocation: HK
Country: Hong Kong
Location: Hong Kong, Kowloon
ASN: AS135377
Org: Ucloud Information Technology (hk) Limited
Coords: 22.2578, 114.1657
Proxy

VirusTotal

Not checked

WHOIS

description
proxy-proxy_http search result.
raw
inetnum: 152.32.132.0 - 152.32.132.255
netname: UCLOUD-HK
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
country: HK
admin-c: UITH2-AP
tech-c: UITH2-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-UCLOUD-HK
mnt-irt: IRT-UCLOUD-HK
abuse-c: AU164-AP
last-modified: 2024-08-27T05:30:04Z
source: APNIC

irt: IRT-UCLOUD-HK
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: UITH2-AP
tech-c: UITH2-AP
auth: # Filtered
remarks: [email protected] was validated on 2024-11-26
remarks: [email protected] was validated on 2024-11-26
mnt-by: MAINT-UCLOUD-HK
last-modified: 2024-11-26T05:46:59Z
source: APNIC

role: ABUSE UCLOUDHK
country: ZZ
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
phone: +000000000
e-mail: [email protected]
admin-c: UITH2-AP
tech-c: UITH2-AP
nic-hdl: AU164-AP
remarks: Generated from irt object IRT-UCLOUD-HK
remarks: [email protected] was validated on 2024-11-26
remarks: [email protected] was validated on 2024-11-26
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2024-11-26T05:47:25Z
source: APNIC

role: UCLOUD INFORMATION TECHNOLOGY HK LIMITED
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
country: HK
phone: +000000000
e-mail: [email protected]
admin-c: UITH2-AP
tech-c: UITH2-AP
nic-hdl: UITH2-AP
notify: [email protected]
mnt-by: MAINT-UCLOUD-HK
last-modified: 2022-05-16T03:54:14Z
source: APNIC

route: 152.32.132.0/24
origin: AS135377
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED FLAT/RM 603 6/F LAWS COMMERCIAL PLAZA 788 CHEUNG SHA WAN ROAD, KL,
mnt-by: MAINT-UCLOUD-HK
last-modified: 2020-11-26T07:28:38Z
source: APNIC
references
https://github.com/telekom-security/tpotce

IOC Journey

medium
First detected 1 year ago · Last seen 11 days ago
Appeared in 12 threat reports